npm - clay-server - Versions diffs - 2.8.2 → 2.9.0 - Mend

clay-server 2.8.2 → 2.9.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (27) hide show

package/README.md +2 -0
package/bin/cli.js +122 -2
package/lib/config.js +20 -1
package/lib/daemon.js +40 -0
package/lib/pages.js +670 -27
package/lib/project.js +267 -16
package/lib/public/app.js +74 -14
package/lib/public/css/admin.css +576 -0
package/lib/public/css/icon-strip.css +1 -0
package/lib/public/css/menus.css +16 -11
package/lib/public/css/overlays.css +2 -4
package/lib/public/css/sidebar.css +49 -0
package/lib/public/css/title-bar.css +45 -1
package/lib/public/index.html +38 -8
package/lib/public/modules/admin.js +631 -0
package/lib/public/modules/markdown.js +9 -5
package/lib/public/modules/profile.js +21 -0
package/lib/public/modules/project-settings.js +4 -1
package/lib/public/modules/server-settings.js +13 -0
package/lib/public/modules/sidebar.js +111 -5
package/lib/public/style.css +1 -0
package/lib/push.js +6 -0
package/lib/server.js +1075 -27
package/lib/sessions.js +127 -41
package/lib/smtp.js +221 -0
package/lib/users.js +459 -0
package/package.json +2 -1

package/lib/sessions.js CHANGED Viewed

@@ -2,10 +2,13 @@ var fs = require("fs");
 var path = require("path");
 var config = require("./config");
 var utils = require("./utils");
+var users = require("./users");
 function createSessionManager(opts) {
   var cwd = opts.cwd;
   var send = opts.send;          // function(obj) - broadcast to all clients
+  var sendTo = opts.sendTo || null; // function(ws, obj) - send to specific client
+  var sendEach = opts.sendEach || null; // function(fn) - call fn(ws) for each connected client
   var sendAndRecord = null;      // set after init via setSendAndRecord
   // --- Multi-session state ---
@@ -80,6 +83,8 @@ function createSessionManager(opts) {
         title: session.title,
         createdAt: session.createdAt,
       };
+      if (session.ownerId) metaObj.ownerId = session.ownerId;
+      if (session.sessionVisibility) metaObj.sessionVisibility = session.sessionVisibility;
       if (session.lastRewindUuid) metaObj.lastRewindUuid = session.lastRewindUuid;
       if (session.loop) metaObj.loop = session.loop;
       var meta = JSON.stringify(metaObj);
@@ -87,7 +92,11 @@ function createSessionManager(opts) {
       for (var i = 0; i < session.history.length; i++) {
         lines.push(JSON.stringify(session.history[i]));
       }
-      fs.writeFileSync(sessionFilePath(session.cliSessionId), lines.join("\n") + "\n");
+      var sfPath = sessionFilePath(session.cliSessionId);
+      fs.writeFileSync(sfPath, lines.join("\n") + "\n");
+      if (process.platform !== "win32") {
+        try { fs.chmodSync(sfPath, 0o600); } catch (chmodErr) {}
+      }
     } catch(e) {
       console.error("[session] Failed to save session file:", e.message);
     }
@@ -97,7 +106,11 @@ function createSessionManager(opts) {
     if (!session.cliSessionId) return;
     session.lastActivity = Date.now();
     try {
-      fs.appendFileSync(sessionFilePath(session.cliSessionId), JSON.stringify(obj) + "\n");
+      var afPath = sessionFilePath(session.cliSessionId);
+      fs.appendFileSync(afPath, JSON.stringify(obj) + "\n");
+      if (process.platform !== "win32") {
+        try { fs.chmodSync(afPath, 0o600); } catch (chmodErr) {}
+      }
     } catch(e) {
       console.error("[session] Failed to append to session file:", e.message);
     }
@@ -159,6 +172,8 @@ function createSessionManager(opts) {
         lastRewindUuid: m.lastRewindUuid || null,
       };
       if (m.loop) session.loop = m.loop;
+      if (m.ownerId) session.ownerId = m.ownerId;
+      session.sessionVisibility = m.sessionVisibility || "shared";
       sessions.set(localId, session);
     }
   }
@@ -176,32 +191,65 @@ function createSessionManager(opts) {
     resolveLoopInfo = fn;
   }
+  function mapSessionForClient(s, clientActiveId) {
+    var loop = s.loop ? Object.assign({}, s.loop) : null;
+    if (loop && loop.loopId && resolveLoopInfo) {
+      var info = resolveLoopInfo(loop.loopId);
+      if (info) {
+        if (info.name) loop.name = info.name;
+        if (info.source) loop.source = info.source;
+      }
+    }
+    var isActive = (typeof clientActiveId === "number") ? s.localId === clientActiveId : s.localId === activeSessionId;
+    return {
+      id: s.localId,
+      cliSessionId: s.cliSessionId || null,
+      title: s.title || "New Session",
+      active: isActive,
+      isProcessing: s.isProcessing,
+      lastActivity: s.lastActivity || s.createdAt || 0,
+      loop: loop,
+      ownerId: s.ownerId || null,
+      sessionVisibility: s.sessionVisibility || "shared",
+    };
+  }
+  function getVisibleSessions() {
+    var multiUser = users.isMultiUser();
+    return [...sessions.values()].filter(function (s) {
+      if (s.hidden) return false;
+      if (!multiUser) {
+        // Single-user mode: only show sessions without ownerId
+        return !s.ownerId;
+      }
+      // Multi-user mode: include all sessions (per-user filtering done by canAccessSession)
+      return true;
+    });
+  }
   function broadcastSessionList() {
-    send({
-      type: "session_list",
-      sessions: [...sessions.values()].filter(function(s) { return !s.hidden; }).map(function(s) {
-        var loop = s.loop ? Object.assign({}, s.loop) : null;
-        if (loop && loop.loopId && resolveLoopInfo) {
-          var info = resolveLoopInfo(loop.loopId);
-          if (info) {
-            if (info.name) loop.name = info.name;
-            if (info.source) loop.source = info.source;
-          }
+    var allVisible = getVisibleSessions();
+    if (sendEach) {
+      // Per-client filtering (multi-user mode)
+      sendEach(function (ws, filterFn) {
+        var filtered = filterFn ? allVisible.filter(filterFn) : allVisible;
+        var clientActiveId = ws._clayActiveSession;
+        if (ws.readyState === 1) {
+          ws.send(JSON.stringify({
+            type: "session_list",
+            sessions: filtered.map(function (s) { return mapSessionForClient(s, clientActiveId); }),
+          }));
         }
-        return {
-          id: s.localId,
-          cliSessionId: s.cliSessionId || null,
-          title: s.title || "New Session",
-          active: s.localId === activeSessionId,
-          isProcessing: s.isProcessing,
-          lastActivity: s.lastActivity || s.createdAt || 0,
-          loop: loop,
-        };
-      }),
-    });
+      });
+    } else {
+      send({
+        type: "session_list",
+        sessions: allVisible.map(function (s) { return mapSessionForClient(s); }),
+      });
+    }
   }
-  function createSession() {
+  function createSession(sessionOpts, targetWs) {
     var localId = nextLocalId++;
     var session = {
       localId: localId,
@@ -219,9 +267,11 @@ function createSessionManager(opts) {
       lastActivity: Date.now(),
       history: [],
       messageUUIDs: [],
+      ownerId: (sessionOpts && sessionOpts.ownerId) || null,
+      sessionVisibility: (sessionOpts && sessionOpts.sessionVisibility) || "shared",
     };
     sessions.set(localId, session);
-    switchSession(localId);
+    switchSession(localId, targetWs);
     return session;
   }
@@ -234,7 +284,8 @@ function createSessionManager(opts) {
     return 0;
   }
-  function replayHistory(session, fromIndex) {
+  function replayHistory(session, fromIndex, targetWs) {
+    var _send = (targetWs && sendTo) ? function (obj) { sendTo(targetWs, obj); } : send;
     var total = session.history.length;
     if (typeof fromIndex !== "number") {
       if (total <= HISTORY_PAGE_SIZE) {
@@ -244,10 +295,10 @@ function createSessionManager(opts) {
       }
     }
-    send({ type: "history_meta", total: total, from: fromIndex });
+    _send({ type: "history_meta", total: total, from: fromIndex });
     for (var i = fromIndex; i < total; i++) {
-      send(session.history[i]);
+      _send(session.history[i]);
     }
     // Find the last result message in the full history for accurate context data
@@ -266,27 +317,31 @@ function createSessionManager(opts) {
       }
     }
-    send({ type: "history_done", lastUsage: lastUsage, lastModelUsage: lastModelUsage, lastCost: lastCost, lastStreamInputTokens: lastStreamInputTokens });
+    _send({ type: "history_done", lastUsage: lastUsage, lastModelUsage: lastModelUsage, lastCost: lastCost, lastStreamInputTokens: lastStreamInputTokens });
   }
-  function switchSession(localId) {
+  function switchSession(localId, targetWs) {
     var session = sessions.get(localId);
     if (!session) return;
     activeSessionId = localId;
-    send({ type: "session_switched", id: localId, cliSessionId: session.cliSessionId || null, loop: session.loop || null });
+    // In multi-user mode with a specific client, only send to that client
+    var _send = (targetWs && sendTo) ? function (obj) { sendTo(targetWs, obj); } : send;
+    _send({ type: "session_switched", id: localId, cliSessionId: session.cliSessionId || null, loop: session.loop || null });
     broadcastSessionList();
-    replayHistory(session);
+    replayHistory(session, undefined, targetWs);
     if (session.isProcessing) {
-      send({ type: "status", status: "processing" });
+      _send({ type: "status", status: "processing" });
     }
     // Re-send any pending permission requests
     var pendingIds = Object.keys(session.pendingPermissions);
     for (var i = 0; i < pendingIds.length; i++) {
       var p = session.pendingPermissions[pendingIds[i]];
-      send({
+      _send({
         type: "permission_request_pending",
         requestId: p.requestId,
         toolName: p.toolName,
@@ -297,7 +352,7 @@ function createSessionManager(opts) {
     }
   }
-  function deleteSession(localId) {
+  function deleteSession(localId, targetWs) {
     var session = sessions.get(localId);
     if (!session) return;
@@ -317,9 +372,9 @@ function createSessionManager(opts) {
     if (activeSessionId === localId) {
       var remaining = [...sessions.keys()];
       if (remaining.length > 0) {
-        switchSession(remaining[remaining.length - 1]);
+        switchSession(remaining[remaining.length - 1], targetWs);
       } else {
-        createSession();
+        createSession(null, targetWs);
       }
     } else {
       broadcastSessionList();
@@ -344,7 +399,23 @@ function createSessionManager(opts) {
   function doSendAndRecord(session, obj) {
     session.history.push(obj);
     appendToSessionFile(session, obj);
-    if (session.localId === activeSessionId) {
+    if (sendEach) {
+      // Multi-user: send to clients whose active session matches this one
+      var data = JSON.stringify(obj);
+      var ioData = null;
+      sendEach(function (ws) {
+        if (ws._clayActiveSession === session.localId) {
+          if (ws.readyState === 1) ws.send(data);
+        } else if (session.isProcessing && !session._ioThrottle) {
+          if (!ioData) ioData = JSON.stringify({ type: "session_io", id: session.localId });
+          if (ws.readyState === 1) ws.send(ioData);
+        }
+      });
+      if (session.isProcessing && !session._ioThrottle && ioData) {
+        session._ioThrottle = true;
+        setTimeout(function () { session._ioThrottle = false; }, 80);
+      }
+    } else if (session.localId === activeSessionId) {
       send(obj);
     } else if (session.isProcessing && !session._ioThrottle) {
       session._ioThrottle = true;
@@ -353,7 +424,7 @@ function createSessionManager(opts) {
     }
   }
-  function resumeSession(cliSessionId, opts) {
+  function resumeSession(cliSessionId, opts, targetWs) {
     // If a session with this cliSessionId already exists, just switch to it
     var existing = null;
     sessions.forEach(function (s) {
@@ -361,7 +432,7 @@ function createSessionManager(opts) {
     });
     if (existing) {
       existing.lastActivity = Date.now();
-      switchSession(existing.localId);
+      switchSession(existing.localId, targetWs);
       return existing;
     }
@@ -386,7 +457,7 @@ function createSessionManager(opts) {
     };
     sessions.set(localId, session);
     saveSessionFile(session);
-    switchSession(localId);
+    switchSession(localId, targetWs);
     return session;
   }
@@ -460,6 +531,21 @@ function createSessionManager(opts) {
     replayHistory: replayHistory,
     searchSessions: searchSessions,
     setResolveLoopInfo: setResolveLoopInfo,
+    setSessionVisibility: function (localId, visibility) {
+      var session = sessions.get(localId);
+      if (!session) return { error: "Session not found" };
+      session.sessionVisibility = visibility;
+      saveSessionFile(session);
+      broadcastSessionList();
+      return { ok: true };
+    },
+    setSessionOwner: function (localId, ownerId) {
+      var session = sessions.get(localId);
+      if (!session) return { error: "Session not found" };
+      session.ownerId = ownerId;
+      saveSessionFile(session);
+      return { ok: true };
+    },
   };
 }

package/lib/smtp.js ADDED Viewed

@@ -0,0 +1,221 @@
+var nodemailer = require("nodemailer");
+var crypto = require("crypto");
+// --- OTP configuration ---
+var OTP_EXPIRY_MS = 10 * 60 * 1000;   // 10 minutes
+var OTP_MAX_ATTEMPTS = 3;
+var OTP_COOLDOWN_MS = 60 * 1000;       // 1 request per minute per email
+// --- In-memory OTP store ---
+var otpStore = {}; // email → { code, expiresAt, attempts, createdAt }
+// --- Transporter cache ---
+var transporter = null;
+// --- Users module (lazy-loaded to avoid circular deps) ---
+var _users = null;
+function getUsers() {
+  if (!_users) _users = require("./users");
+  return _users;
+}
+// --- SMTP config helpers ---
+function getSmtpConfig() {
+  var data = getUsers().loadUsers();
+  return data.smtp || null;
+}
+function saveSmtpConfig(config) {
+  var data = getUsers().loadUsers();
+  data.smtp = config;
+  getUsers().saveUsers(data);
+  resetTransporter();
+}
+function isSmtpConfigured() {
+  var cfg = getSmtpConfig();
+  return !!(cfg && cfg.host && cfg.user && cfg.pass && cfg.from);
+}
+function isEmailLoginEnabled() {
+  var cfg = getSmtpConfig();
+  return isSmtpConfigured() && !!(cfg && cfg.emailLoginEnabled);
+}
+// --- Transporter management ---
+function createTransporter(cfg) {
+  return nodemailer.createTransport({
+    host: cfg.host,
+    port: cfg.port || 587,
+    secure: !!cfg.secure,
+    auth: { user: cfg.user, pass: cfg.pass },
+    connectionTimeout: 10000,
+    greetingTimeout: 10000,
+  });
+}
+function getTransporter() {
+  if (transporter) return transporter;
+  var cfg = getSmtpConfig();
+  if (!cfg) return null;
+  transporter = createTransporter(cfg);
+  return transporter;
+}
+function resetTransporter() {
+  if (transporter) {
+    try { transporter.close(); } catch (e) {}
+  }
+  transporter = null;
+}
+// --- Test connection ---
+function testConnection(cfg) {
+  var t = createTransporter(cfg);
+  return t.verify().then(function () {
+    try { t.close(); } catch (e) {}
+    return { ok: true };
+  }).catch(function (err) {
+    try { t.close(); } catch (e) {}
+    return { ok: false, error: err.message || "Connection failed" };
+  });
+}
+function sendTestEmail(cfg, toEmail) {
+  var t = createTransporter(cfg);
+  return t.sendMail({
+    from: cfg.from,
+    to: toEmail,
+    subject: "Clay SMTP Test",
+    html: '<div style="font-family:system-ui,sans-serif;max-width:400px;margin:0 auto;padding:24px">' +
+      '<h2 style="color:#DA7756;margin:0 0 16px">Clay</h2>' +
+      '<p style="color:#333;margin:0">SMTP is configured correctly. You will receive login codes and invite emails at this address.</p>' +
+      '</div>',
+  }).then(function (info) {
+    try { t.close(); } catch (e) {}
+    return { ok: true, messageId: info.messageId };
+  }).catch(function (err) {
+    try { t.close(); } catch (e) {}
+    throw err;
+  });
+}
+// --- Send email ---
+function sendMail(to, subject, html) {
+  var t = getTransporter();
+  if (!t) return Promise.reject(new Error("SMTP not configured"));
+  var cfg = getSmtpConfig();
+  return t.sendMail({
+    from: cfg.from,
+    to: to,
+    subject: subject,
+    html: html,
+  });
+}
+// --- OTP generation and verification ---
+function generateOtp() {
+  var bytes = crypto.randomBytes(3);
+  var num = ((bytes[0] << 16) | (bytes[1] << 8) | bytes[2]) % 1000000;
+  return String(num).padStart(6, "0");
+}
+function requestOtp(email) {
+  var key = email.toLowerCase();
+  var existing = otpStore[key];
+  if (existing && (Date.now() - existing.createdAt) < OTP_COOLDOWN_MS) {
+    var wait = Math.ceil((OTP_COOLDOWN_MS - (Date.now() - existing.createdAt)) / 1000);
+    return { error: "Please wait " + wait + " seconds before requesting a new code", retryAfter: wait };
+  }
+  var code = generateOtp();
+  otpStore[key] = {
+    code: code,
+    expiresAt: Date.now() + OTP_EXPIRY_MS,
+    attempts: 0,
+    createdAt: Date.now(),
+  };
+  return { ok: true, code: code };
+}
+function verifyOtp(email, code) {
+  var key = email.toLowerCase();
+  var entry = otpStore[key];
+  if (!entry) return { valid: false, error: "No code requested" };
+  if (Date.now() > entry.expiresAt) {
+    delete otpStore[key];
+    return { valid: false, error: "Code expired" };
+  }
+  entry.attempts++;
+  if (entry.attempts > OTP_MAX_ATTEMPTS) {
+    delete otpStore[key];
+    return { valid: false, error: "Too many attempts" };
+  }
+  // Timing-safe comparison
+  var a = Buffer.from(entry.code);
+  var b = Buffer.from(String(code).padStart(6, "0"));
+  if (a.length !== b.length || !crypto.timingSafeEqual(a, b)) {
+    var left = OTP_MAX_ATTEMPTS - entry.attempts;
+    return { valid: false, error: "Invalid code", attemptsLeft: left };
+  }
+  delete otpStore[key];
+  return { valid: true };
+}
+// --- Email templates ---
+function sendOtpEmail(email, code) {
+  var subject = "Your Clay login code: " + code;
+  var html = '<div style="font-family:system-ui,sans-serif;max-width:400px;margin:0 auto;padding:24px">' +
+    '<h2 style="color:#DA7756;margin:0 0 16px">Clay</h2>' +
+    '<p style="color:#333;margin:0 0 16px">Your verification code is:</p>' +
+    '<div style="font-size:32px;font-weight:700;letter-spacing:8px;padding:16px 0;text-align:center;' +
+    'background:#f5f5f5;border-radius:8px;color:#333;font-family:monospace">' + code + '</div>' +
+    '<p style="color:#999;font-size:13px;margin:16px 0 0">This code expires in 10 minutes. If you didn\'t request this, you can ignore this email.</p>' +
+    '</div>';
+  return sendMail(email, subject, html);
+}
+function sendInviteEmail(email, inviteUrl, inviterName) {
+  var subject = "You've been invited to Clay";
+  var html = '<div style="font-family:system-ui,sans-serif;max-width:400px;margin:0 auto;padding:24px">' +
+    '<h2 style="color:#DA7756;margin:0 0 16px">Clay</h2>' +
+    '<p style="color:#333;margin:0 0 16px">' + (inviterName || "An admin") + ' has invited you to join Clay.</p>' +
+    '<p style="margin:0 0 16px"><a href="' + inviteUrl + '" style="display:inline-block;padding:12px 24px;' +
+    'background:#DA7756;color:#fff;text-decoration:none;border-radius:8px;font-weight:600">Accept Invite</a></p>' +
+    '<p style="color:#999;font-size:13px;margin:0">This invite link expires in 24 hours.</p>' +
+    '</div>';
+  return sendMail(email, subject, html);
+}
+// --- Cleanup expired OTPs ---
+setInterval(function () {
+  var now = Date.now();
+  var keys = Object.keys(otpStore);
+  for (var i = 0; i < keys.length; i++) {
+    if (now > otpStore[keys[i]].expiresAt) {
+      delete otpStore[keys[i]];
+    }
+  }
+}, 60000);
+module.exports = {
+  getSmtpConfig: getSmtpConfig,
+  saveSmtpConfig: saveSmtpConfig,
+  isSmtpConfigured: isSmtpConfigured,
+  isEmailLoginEnabled: isEmailLoginEnabled,
+  testConnection: testConnection,
+  sendTestEmail: sendTestEmail,
+  sendMail: sendMail,
+  resetTransporter: resetTransporter,
+  generateOtp: generateOtp,
+  requestOtp: requestOtp,
+  verifyOtp: verifyOtp,
+  sendOtpEmail: sendOtpEmail,
+  sendInviteEmail: sendInviteEmail,
+};